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[57] ABSTRACT 

A hard disk data security device comprises a control 
circuit which once detecting an I/O address of data 
register for hard disk present on the address bus enables 
a data enciphering/deciphering circuit which receives 
the data to be stored on the hard disk from the computer 
inside which the hard disk is installed and converts the 
data from a regular form into an encrypted form or 
receives the encrypted data from the hard disk and 
decrypts and outputs the data to the computer. A plu- 
rality of switches may be provided for a user to select an 
arbitrary encrypting pattern of the data byte. 

7 Claims, 1 Drawing Sheet 
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HARD DISK DATA SECURITY DEVICE 

FIELD OF THE INVENTION 

The present invention relates generally to a data secu- 5 
rity device and in particular to a data security device for 
a hard disk (also referred to as a fixed disk) by encrypt- 
ing the data to be stored in the hard disk in a special 
manner to provide data security. i 0 

BACKGROUND OF THE INVENTION 

Data security devices are currently commercially 
available. These devices use either software or hard- 
ware to convert the data to be stored in a hard disk 15 
drive in such a manner that only the specific decrypting 
means of such devices can read the encrypted data. 
Heretofore, the decrypting means of data security de- 
vice for both the software type and hardware type 
encrypting means are in the form of software which 20 
takes CPU (central processing unit) time and memory in 
execution. This worsens the efficiency of the CPU. 

It is therefore desirable to have a data security device 
in the form of hardware so as to provide a desired data 2 j 
security while maintaining the CPU efficiency and the 
availability of the computer memory and the CPU to 
the users. 

OBJECTS OF THE INVENTION 

30 

The primary object of the present invention is there- 
fore to provide a data security device for a hard disk 
which is in a form of hardware so as to provide a de- 
sired data security for the data stored in a fixed disk 
driver while mamtaining the CPU efficiency and the 35 
availability of the computer memory and the CPU to 
the users of a computer. 

It is another object of the present invention to pro- 
vide a hard disk data security device which is capable to 
detect the hard disk I/O add ress on an address bus to 40 
automatically actuate encrypting of the data to be 
stored in the hard disk so as to convert the data into a 
security mode which is only readable to a decrypting 
means associated therewith so as to provide data secu- 45 
rity. 

To achieve the above-mentioned object, there is pro- 
vided a hard disk data security device comprising a 
control circuit which once detecting an I/O address of 
data register for hard disk present on the address bus 50 
enables a data enciphering/deciphering circuit which 
receives the data to be stored on the hard disk from the 
computer inside which the hard disk is installed and 
converts the data from a regular form into an encrypted 
form or receives the encrypted data from the hard disk 55 
and decrypts and outputs the data to the computer. A 
plurality of switches may be provided for a user to 
select an arbitrary encrypting pattern of the data byte. 

Other objects and advantages of the invention will be ^ 
apparent from the following description of a preferred 
embodiment taken in connection with the only one 
drawing which is: 

BRIEF DESCRIPTION OF THE DRAWING 

65 

FIG. 1 is a circuit diagram showing the circuit com- 
prised in the hard disk data security device in accor- 
dance with the present invention. 



DETAILED DESCRIPTION OF THE 
PREFERRED EMBODIMENT 

Referring to the drawing, a hard disk data security 
device in accordance with the present invention com- 
prises a data enciphering/deciphering circuit 1 and a 
control circuit 2. The control circuit 2 is used to check 
if an I/O address of data register for hard disk, prefera- 
bly the hexadecimal signal 1F0/170 which normally 
represents an I/O address for the hard disk of a personal 
computer, preferably an IBM compatible personal com- 
puter (IBM is a trademark of International Business 
Machine Co.), is present on an address bus of the com- 
puter (not explicitly shown) on which the data security 
device is installed. In the embodiment shown in the 
drawing, symbols S AO-S A6 and SA8 respectively rep- 
resent a portion of signal lines of a standard (IBM com- 
patible) personal computer address bus of which lines 
SA0-SA3 are respectively connected to an input of a 
NAND gate Nl via an invertor II, 12, 13 or 14 while 
lines SA4-SA6 and SA8 are respectively connected to 
an input of the NAND gate Nl directly. The output of 
the NAND gate Nl is sent out to two control lines 
CON1 and CON2 via a further invertor 15. 

With such an arrangement, once the hexadecimal 
signal 1F0/170 is present on the address bus, the control 
lines CON1 and CON2 will actuate electronic switches 
SI and S2 to form a data flow path through the data 
endphering/deciphering circuits 1. 

The data enciphering/deciphering circuits 1 com- 
prises at least a sub-circuit each of which is associated 
with a bit of a data byte on the data bus and thus if the 
computer on which the data security device is installed 
is a sixteen bit machine, there are correspondingly six- 
teen sub-circuits included in the data enciphering/deci- 
phering circuits 1. For simplifying the illustration, there 
is only one such sub-circuit of the data enciphering- 
/deciphering circuit 1 shown in the drawing. However, 
it is understood that there can be more than one such 
sub-circuit to be respectively associated with each bit of 
an actual data byte. 

The sub-circuit of the data enciphering/deciphering 
circuit 1 comprises two exclusive OR gates XI and X2 
each of which has two inputs one of which is connected 
to a data bit line and the other to a voltage source VCC 
so that the exclusive OR gates XI and X2 can invert a 
bit of a data byte, namely converting the bit into the 
binary complemental number thereof. These two exclu- 
sive OR gates XI and X2 are arranged in different direc- 
tions of data flow and thus respectively for writing to 
and reading from the hard disk. 

A switch SW1 is included in the sub-circuit of the 
data enciphering/deciphering circuit 1 in such a manner 
to make the inputs of the exclusive OR gates XI and X2 
which are connected the voltage source VCC now 
selectively switchable between the voltage source VCC 
(which may be a HIGH state) or ground (which may 
represent a LOW state). By selecting the ground, the 
exclusive OR gates XI and X2 no longer convert a data 
bit into its binary complemental number. 

In accordance with the present invention, the switch 
SW1 for each sub-circuit of the data enciphering/deci- 
phering circuit 1 can be set or re-set individually so as to 
provide a variety of different combinations of setting 
and re-setting of the switches associated with the bits of 
a data byte. 

With the arrangement described above, it is under- 
stood that once the control circuit 1 detects the hexa- 
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decimal signal 1F0/17O present on the address bus, the 
connection between the computer data bus (designated 
as PC DATA BUS in the drawing) and the hard disk 
data bus (designated as HDD DATA BUS in the draw- 
ing) is done via the data enciphering/deciphering cir- 5 
cuit 1 and once the switch SW1 is selected to connect to 
the voltage source VCC, each bit of a data byte flowing 
on the computer data bus will be inverted. The inverted 
data which is thereafter stored on the hard disk can only 
be read by using the data enciphering/deciphering cir- 10 
cuit 1 which once again inverted the data byte to restore 
to the original data form. 

If no 1F0/170 signal is present on the address bus, the 
data bus of the computer is connected directed to the 
hard disk via a data bus 3. is 

It is understood that although in the embodiment 
shown in the drawing, the encrypting is done by invert- 
ing a bit of a data byte into its binary complemental 
form, it is also possible to provide another way to en- 
crypt the data byte provided that such a method meets 20 
the requirements of the present invention. 

The switch SW1 used to select the encrypting path or 
the non-encrypting path for a data bit can be set manu- 
ally or by an electronic control so that if there is more 
than one such switch, each of the switches can be oper- 25 
ated individually and in such a case, arbitrarily setting 
these switches provides an arbitrary combination of the 
setting or re-setting of the switches and thus making it 
difficult for an unauthorized person to decipher the data 
codes stored in the hard disk. 30 

It is apparent that although the invention has been 
described in connection with a preferred embodiment, 
those skilled in the art may make changes to certain 
features of the preferred embodiment without departing 
from the spirit and scope of the invention as defined in 35 
the appended claims. 

What is claimed is: 

1. A hard disk data security device for a computer 
wherein said computer comprises a computer address 
bus, a computer data bus and a hard disk with a hard 40 
disk data bus connected between said computer data bus 
and said hard disk, said security device comprising a 
control circuit and a data enciphering/deciphering cir- 
cuit actuated by said control circuit when detecting an 
I/O address of data register for the hard disk present on 45 
the address bus, said data enciphering/deciphering cir- 
cuit receiving a first data byte from said computer data 
bus and generating a second data byte or receiving the 
second data byte and converting the second data byte 
into the first data byte. 50 

2. A hard disk data security device as claimed in 
claim 1 wherein said I/O address is hexadecimal 
1F0/170 and wherein said control circuit comprises a 
plurality of inputs respectively connected to a signal 
line of the address bus so that when the hexadecimal 55 
1FO/170 signal is present on the address bus, a control 
signal is generated by the control circuit to actuate the 
data enciphering/deciphering circuit. 

3. A hard disk data security device as claimed in 
claim 1 wherein said control signal generated by said 60 
control circuit is used to control a plurality of first 
switches which selectively connects said computer data 
bus to said hard disk via said data enciphering/deci- 
phering circuit under the control of said first switches. 

4. A hard disk data security device as claimed in 65 
claim 1 wherein said data enciphering/deciphering cir- 
cuit comprises at least a sub-circuit which is associated 
with a bit of the data byte, said sub-circuit comprising a 
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first exclusive OR gate which has a first input con- 
nected to a voltage source and a second input to receive 
the first data bit and converting said first data bit into 
the second data bit, said sub-circuit of the data enci- 
phering/deciphering circuit further comprising a sec- 
ond exclusive OR gate which has a first input connected 
to a voltage source and a second input to receive the 
second data bit to convert said second data bit into said 
first data bit. 

5. A hard disk data security device as claimed in 
claim 4 wherein said sub-circuit comprises a second 
switch which is switchable between a set position 
wherein a bit of the data byte is conducted to pass 
through and is thus converted by said sub-circuit and a 
reset position wherein said bit of the data byte is not 
conducted through said sub-circuit and thus not con- 
verted thereby, each of said second switches being ca- 
pable to be set or reset independently of each other so as 
to provide a variety of different combinations of setting 
and resetting of the second switches associated with the 
bits of the data byte. 

6. A hard disk data security device as claimed in 
claim 1 wherein said data enciphering/deciphering cir- 
cuit comprises at least a sub-circuit which is associated 
with a bit of the data byte, said sub-circuit comprising a 
first exclusive OR gate which has a first input con- 
nected to a voltage source and a second input to receive 
the first data bit and converting said first data bit into 
the second data bit, said sub-circuit of the data enci- 
phering/deciphering circuit further comprising a sec- 
ond exclusive OR gate which has a first input connected 
to a voltage source and a second input to receive the 
second data bit to convert said second data bit into said 
first data bit, the sub-circuit comprising a second switch 
which is switchable between a set position wherein said 
data bit is conducted to pass through and is thus con- 
verted by said sub-circuit and a reset position wherein 
said data bit is not conducted through said sub-circuit 
and thus not converted thereby, each of said second 
switches being capable to be set or reset independently 
of each other so as to provide a variety of different 
combinations of setting and resetting of the second 
switches associated with the bits of the data byte, said 
second switch being disposed in said data enciphering- 
/deciphering circuit in such a way to selectively con- 
nect said first inputs of said first and second exclusive 
OR gates to said voltage source to set said second 
switch to the set position or to connect said first inputs 
of said first and second exclusive OR gates to ground to 
set said second switch to the re-set position. 

7. A hard disk data security device as claimed in 
claim 1 wherein said I/O address is hexadecimal 
1F0/170 and wherein said control circuit comprises a 
plurality of inputs respectively connected to a signal 
line of the address bus so that when said hexadecimal 
1F0/170 signal is present on the address bus, a control 
signal is generated by the control circuit to control a 
plurality of first switches which selectively connects 
said computer data bus to said hard disk via said data 
enciphering/deciphering circuit under the control of 
said first switches and wherein said data enciphering- 
/deciphering circuit comprises at least a sub-circuit 
which is associated with a bit of the data byte, said 
sub-circuit comprising a first exclusive OR gate which 
has a first input connected to a voltage source and a 
second input to receive the first data bit and converting 
said first data bit into the second data bit, said data 
enciphering/deciphering circuit further comprising a 
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second exclusive OR gate which has a first input con- 
nected to a voltage source and a second input to receive 
the second data bit to convert said second data bit into 
said first data bit, the sub-circuit comprising a second 
switch which is switchable between a set position 5 
wherein said data bit is conducted to pass through and 
is thus converted by said sub-circuit and a reset position 
wherein said data bit is not conducted through said 
sub-circuit and thus not converted thereby, each of said 
second switches being capable to be set or reset inde- 10 
pendently of each other so as to provide a variety of 



different combinations of setting and re-setting of the 
second switches associated with the bits of the data 
byte, said second switch being disposed in said data 
enciphering/deciphering circuit in such a way to selec- 
tively connect said, first inputs of said first and second 
exclusive OR gates to said voltage source to set said 
second switch to the set position or to connect said first 
inputs of said first and second exclusive OR gates to 
ground to set said second switch to the re-set position. 
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